Windows 8: webcake + antivir Berechtigung fehlt

night507 · 04.08.2013, 23:11

Hallo alle Zusammen,
zum meinem ersten Problem:
Heute ist mir aufgefallen, dass firefox beim erstellen eines neuen Tabs immer die seite "Delta Search" geöffnet hat und dass außerdem mein Laptop ziemlich viel CPU(~40%) und Arbeitsspeicher(~34%) Auslastung hat und dadurch der Lüfter auf niedriger Stufe beim Surfen läuft (sonst war er bei sowas eigentlich immer komplett aus).

Ich führe das auf die Installation am Samstag von "Free M4a to MP3 Converter" zurück, den ich allerdings von chip.de geladen habe. Nach der Installation, bei der ich alle zusätzlichen haken abgewählt hatte, hat sich firefox neu gestartet und als Startseite war auch delta search eingestellt. Das hab ich gleich mal geändert und das Programm wieder deinstalliert.
Nachdem mir heute das mit dem neuen Tab aufgefallen war, hab ich mal meine Programme durchforstet und da sind mir einige toolbars und Programme aufgefallen, die da eigentlich nicht sein sollten.
Ich hab immer vorher gegoogelt was es für ein Programm ist. als ich dann webcake gegoogelt hab, bin ich gleich auf diesen Thread von hier gestoßen http://www.trojaner-board.de/137166-...e-wichtig.html
Als ich mir das durchgelesen habe, hab ich mal Schritt 1 und 2 ausgeführt.
Ich hab zuerst mal nur mit adwcleaner gescannt. das log hab ich noch, aber erstmal aus dem Text gelassen, da ich sonst zu viele zeichen habe

Falls es doch noch benötigt wird, kann ich es noch nachreichen ^^
daraufhin hab ich dann "löschen" ausgeführt und nach dem neustart diese log Datei erhalten:

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 04/08/2013 um 21:44:38 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzer : Tobias - TOBI-NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : APNMCP

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Windows\Tasks\AmiUpdXp.job
Gelöscht mit Neustart : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Tobias\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\Users\Tobias\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Tobias\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Tobias\AppData\Local\Temp\APN
Ordner Gelöscht : C:\Users\Tobias\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Tobias\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Tobias\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Tobias\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Tobias\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3281675
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5a68adeb239eb14
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=10D7247703D02305&affID=124008&tsp=4963 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\prefs.js

C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT3281675_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("browser.search.defaultthis.engineName", "entrusted Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&CUI[...]
Gelöscht : user_pref("extensions.antigameorigin@antigame.de.AGO_DE_UNI119_118479_Current", "{\"version\":1,\"I3[...]
Gelöscht : user_pref("extensions.antigameorigin@antigame.de.AGO_DE_UNI1_469543_Current", "{\"version\":1,\"I31\[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "10d7657e000000000000247703d02305");
Gelöscht : user_pref("extensions.delta.instlDay", "15920");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.018:48:03");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=124008&tsp=4963");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Gelöscht : user_pref("extensions.toolbar_AVIRA-V7@apn.ask.com.install-event-fired", true);

*************************

AdwCleaner[R1].txt - [8173 octets] - [04/08/2013 21:44:10]
AdwCleaner[S1].txt - [8105 octets] - [04/08/2013 21:44:38]

########## EOF - C:\AdwCleaner[S1].txt - [8165 octets] ##########

dann hab ich sicherheitshalber nochmal nen scan durchgeführt

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 04/08/2013 um 21:52:04 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzer : Tobias - TOBI-NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [8173 octets] - [04/08/2013 21:44:10]
AdwCleaner[R2].txt - [769 octets] - [04/08/2013 21:52:04]
AdwCleaner[S1].txt - [8226 octets] - [04/08/2013 21:44:38]

########## EOF - C:\AdwCleaner[R2].txt - [888 octets] ##########

Bei Schritt 3 hab ich mir mal gedacht, dass ich da mal abbreche und lieber nen eigenen Thread erstelle um zu fragen ob das Problem damit schon behoben ist.

Um Chonologisch genau zu sein, kommt jetzt mal der vermutete Auslöser für mein zweites Problem:
Ich hab CCleaner durchlaufen lassen und auch die Registry gecleant, hab damit nie Probleme gehabt, aber jetzt bin ich auch schlauer. Man muss dazu sagen, dass ich erst vor ein paar Tagen auf anraten eines Kollegen von avast auf avira antivir umgestiegen bin. Das war mein erster Registry Clean mit Antivir im Hintergrund und auch mein erstes Problem mit dem Registry Clean von CCleaner.

Auf jedenfall hab ich dann angefangen die Liste abzuarbeiten bevor man einen neuen Thread erstellt.
zuerstmal defogger ausgeführt, welcher mein Daemen tools deaktiviert hat.

Daraufhin FRST ausgeführt und diese Logs erhalten:
FRST.txt:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-08-2013
Ran by Tobias (administrator) on 04-08-2013 22:09:36
Running from C:\Users\Tobias\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Bopsoft) C:\Program Files\Listary\Listary.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
() C:\Program Files\Listary\ListaryHelper64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe [51712 2012-07-26] (Microsoft Corporation)
HKLM\...\Run: [TpShocks] - C:\WINDOWS\SYSTEM32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-04-11] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation)
HKLM\...\Run: [PasswordManager] - C:\Program Files\Lenovo\Password Manager\password_manager.exe [1534888 2012-10-23] (Lenovo Group Limited)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\skipmetrosuite.exe,
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Tobias\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
MountPoints2: {6dacaacc-bdee-11e2-bec2-689423ec0b00} - "D:\Windows\CHECK\DriveNavigator.exe" 
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [59392 2012-05-02] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [x]
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [701872 2013-01-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] - C:\Users\Tobias\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll c:\windows\syswow64\nvinit.dll [245872 2013-01-11] ()
IMEO\sidebar.exe: [Debugger] C:\Program Files (x86)\Windows Sidebar\8GadgetPack.exe -run
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

ProxyServer: proxy.fh-albsig.de:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {E0A620E2-999C-4647-86B9-EE413DD791BD} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN38280861895722233&UM=1&SSPV=SP_IENSP08
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO: ExplorerWatcher Class - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - f:\Programme\Microsoft Visual Studio 2010 Ultimate\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.hs-albsig.de/CACHE/stc/1/binaries/vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Extension: adblockpopups - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: antigameorigin - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\antigameorigin@antigame.de.xpi
FF Extension: firebug - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: gmailwatcher - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\gmailwatcher@sonthakit.xpi
FF Extension: jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi
FF Extension: mytube - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\mytube@ashishmishra.in.xpi
FF Extension: searchy - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\searchy@searchy.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: youtube2mp3 - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: YoutubeDownloader - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{71bfcce7-421d-4042-95d4-a585a821cbca}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [811064 2013-07-18] (Avira Operations GmbH & Co. KG)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-02] (Broadcom Corporation.)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-12-26] (Lenovo.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-04-11] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-03-27] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83672 2013-07-18] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-02] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 BTWPANFL; C:\Windows\system32\drivers\btwpanfl.sys [44912 2013-01-19] (Broadcom Corporation.)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-09] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [452432 2012-11-26] (Intel Corporation)
R3 LenovoRd; C:\Windows\system32\DRIVERS\LenovoRd.sys [126848 2012-12-06] (Gemalto)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-11-22] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [284448 2013-01-11] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-18] (Synaptics Incorporated)
R2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 tvtvcamd; C:\Windows\system32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-01-24] (Cisco Systems, Inc.)
S3 VSPerfDrv100; F:\Programme\Microsoft Visual Studio 2010 Ultimate\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S3 VSPerfDrv100; F:\Programme\Microsoft Visual Studio 2010 Ultimate\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [x]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-04 22:08 - 2013-08-04 22:08 - 01781485 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2013-08-04 22:07 - 2013-08-04 22:07 - 00000544 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2013-08-04 22:07 - 2013-08-04 22:07 - 00000168 _____ C:\Users\Tobias\defogger_reenable
2013-08-04 22:05 - 2013-08-04 22:05 - 00050477 _____ C:\Users\Tobias\Downloads\Defogger.exe
2013-08-04 22:02 - 2013-08-04 22:02 - 00041602 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130804_220232.reg
2013-08-04 22:01 - 2013-08-04 21:52 - 00000956 _____ C:\Users\Tobias\Desktop\AdwCleaner[R2].txt
2013-08-04 22:01 - 2013-08-04 21:44 - 00008226 _____ C:\Users\Tobias\Desktop\AdwCleaner[S1].txt
2013-08-04 22:01 - 2013-08-04 21:44 - 00008173 _____ C:\Users\Tobias\Desktop\AdwCleaner[R1].txt
2013-08-04 21:52 - 2013-08-04 21:52 - 00000956 _____ C:\AdwCleaner[R2].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008226 _____ C:\AdwCleaner[S1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008173 _____ C:\AdwCleaner[R1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-08-04 21:42 - 2013-08-04 21:42 - 00666633 _____ C:\Users\Tobias\Downloads\adwcleaner.exe
2013-08-03 20:13 - 2013-08-03 20:13 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-03 19:59 - 2013-08-03 20:19 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Audacity
2013-08-03 19:57 - 2013-08-03 19:57 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-03 19:57 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-08-03 19:57 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-08-03 19:57 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-08-03 19:57 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-08-03 19:57 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-08-03 19:56 - 2013-08-03 19:56 - 00000000 ____D F:\Eigene Dateien\Eigene Dokumente\eRightSoft
2013-08-03 19:55 - 2013-08-03 19:55 - 00001112 _____ C:\Users\Public\Desktop\SUPER ©.lnk
2013-08-03 19:55 - 2013-08-03 19:55 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-08-03 19:55 - 2012-10-05 19:54 - 00188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2013-08-03 19:55 - 2011-06-14 20:05 - 00121344 __RSH C:\Windows\SysWOW64\TAKDSDecoder.ax
2013-08-03 19:55 - 2011-02-11 11:26 - 00112128 __RSH C:\Windows\SysWOW64\OptimFROG.dll
2013-08-03 19:55 - 2010-01-07 00:00 - 00107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2013-08-03 19:55 - 2009-03-17 10:38 - 00070656 __RSH C:\Windows\SysWOW64\RLAPEDec.ax
2013-08-03 19:55 - 2009-01-18 17:15 - 00120832 __RSH C:\Windows\SysWOW64\MPCDx.ax
2013-08-03 19:55 - 2009-01-18 12:03 - 00107520 __RSH C:\Windows\SysWOW64\RLMPCDec.ax
2013-08-03 19:55 - 2008-03-16 14:30 - 00216064 __RSH (MONOGRAM Multimedia, s.r.o.) C:\Windows\SysWOW64\nbDX.dll
2013-08-03 19:55 - 2007-02-21 12:47 - 00031232 __RSH (Hans Mayerl) C:\Windows\SysWOW64\msfDX.dll
2013-08-03 19:55 - 2006-09-12 12:46 - 00227328 __RSH () C:\Windows\SysWOW64\ac3DX.ax
2013-08-03 19:55 - 2006-08-16 15:53 - 00175104 __RSH () C:\Windows\SysWOW64\CoreAAC.ax
2013-08-03 19:55 - 2006-05-03 11:06 - 00163328 __RSH (Gabest) C:\Windows\SysWOW64\flvDX.dll
2013-08-03 19:55 - 2006-03-10 21:21 - 00195584 __RSH C:\Windows\SysWOW64\MatroskaDX.ax
2013-08-03 19:55 - 2006-01-13 00:23 - 00123904 __RSH (CoreCodec) C:\Windows\SysWOW64\AVCDX.ax
2013-08-03 19:55 - 2005-11-25 21:46 - 00161792 __RSH (Gabest) C:\Windows\SysWOW64\RealMediaDX.ax
2013-08-03 19:55 - 2005-02-22 17:55 - 00081920 __RSH C:\Windows\SysWOW64\aac_parser.ax
2013-08-03 19:55 - 2005-02-13 00:00 - 00186880 __RSH (RadLight) C:\Windows\SysWOW64\RLOgg.ax
2013-08-03 19:55 - 2005-02-13 00:00 - 00067584 __RSH (RadLight, LLC) C:\Windows\SysWOW64\RLTheoraDec.ax
2013-08-03 19:55 - 2005-02-13 00:00 - 00051712 __RSH C:\Windows\SysWOW64\RLSpeexDec.ax
2013-08-03 19:55 - 2005-02-06 00:00 - 00092672 __RSH (RadLight) C:\Windows\SysWOW64\RLVorbisDec.ax
2013-08-03 19:55 - 2005-01-18 00:26 - 00179200 __RSH (Gabest) C:\Windows\SysWOW64\DiracSplitter.ax
2013-08-03 19:55 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-08-03 19:55 - 2004-09-17 04:07 - 00090112 __RSH (-) C:\Windows\SysWOW64\TTADSSplitter.ax
2013-08-03 19:55 - 2004-08-22 11:56 - 00090112 __RSH (-) C:\Windows\SysWOW64\TTADSDecoder.ax
2013-08-03 19:55 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-08-03 19:55 - 2004-04-27 17:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2013-08-03 19:55 - 2003-12-07 08:59 - 00097280 __RSH C:\Windows\SysWOW64\FLACDX.ax
2013-08-03 18:51 - 2013-08-03 18:51 - 00001011 _____ C:\Users\Tobias\Desktop\Audacity.lnk
2013-08-03 18:51 - 2013-08-03 18:51 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-03 17:51 - 2013-08-03 17:52 - 10567577 _____ C:\Users\Tobias\Desktop\Despicable Me 2 _ Minions Banana Song (2013) SNSD TTS - YouTube [1080p].mp4
2013-08-03 13:18 - 2013-08-03 13:18 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-07-30 16:05 - 2013-07-30 16:05 - 00020001 _____ F:\Eigene Dateien\Eigene Dokumente\playlist.m3u
2013-07-29 17:43 - 2013-08-04 18:36 - 00002731 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-07-29 17:32 - 2013-08-03 14:36 - 00000030 _____ C:\Users\Tobias\Desktop\Neues Textdokument.txt
2013-07-29 16:09 - 2013-07-29 16:09 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\ProgramData\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-29 16:03 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-29 16:03 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-29 16:03 - 2013-07-18 08:02 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-29 16:03 - 2013-02-26 16:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-25 13:35 - 2013-07-25 13:35 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\postgresql
2013-07-25 13:28 - 2013-07-25 13:28 - 00000000 ____D C:\Program Files (x86)\OpenNMS
2013-07-25 13:25 - 2013-07-25 13:25 - 00000000 ____D C:\Users\Tobias\Downloads\standalone-opennms-installer-1.10.11-1
2013-07-25 13:13 - 2013-07-25 13:13 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131327
2013-07-25 13:12 - 2013-07-25 13:13 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131303
2013-07-25 13:12 - 2013-07-25 13:12 - 14549528 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgbouncer.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 12931216 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgagent.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131254
2013-07-25 13:12 - 2013-07-25 13:12 - 07612832 _____ (EnterpriseDB) C:\Users\Tobias\edb_npgsql.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 06976584 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgjdbc.exe
2013-07-25 13:07 - 2013-07-25 13:07 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-22 23:56 - 2013-07-22 23:56 - 00006936 _____ C:\Users\Tobias\AppData\Local\recently-used.xbel
2013-07-20 01:58 - 2013-07-20 01:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-20 01:58 - 2013-07-20 01:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-19 00:13 - 2013-07-19 00:14 - 00064764 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130719_001357.reg
2013-07-18 17:30 - 2013-07-18 17:34 - 00000000 ____D C:\Users\Tobias\Desktop\db
2013-07-17 15:26 - 2013-07-17 15:26 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-17 02:49 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-17 02:49 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-17 02:49 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-17 02:49 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-17 02:49 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-17 02:49 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-17 02:49 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-17 02:49 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-17 02:49 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-17 02:49 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-17 02:49 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-17 02:49 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-17 02:49 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-17 02:49 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-17 02:49 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-17 02:49 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-17 02:49 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-17 02:49 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-17 02:49 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-17 02:49 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-17 02:49 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-17 02:49 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-17 02:49 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-17 02:49 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-17 02:49 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-17 02:49 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-17 02:49 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-17 02:49 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-17 02:49 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-17 02:49 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-17 02:49 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-12 21:16 - 2013-07-12 21:16 - 00000000 ____D C:\Users\Tobias\Downloads\easy_youtube_video_downloader-6.8-fx.xpi
2013-07-12 20:37 - 2013-07-12 20:40 - 00479744 _____ C:\Users\Tobias\Desktop\Ressrechner.xls
2013-07-09 23:36 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 23:36 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 23:36 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 23:36 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 23:36 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-09 23:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-09 23:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-09 23:35 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 23:35 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 23:35 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 23:35 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 23:34 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 23:34 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 21:18 - 2013-07-09 23:49 - 00000000 ____D C:\Users\Tobias\.VirtualBox
2013-07-09 21:18 - 2013-07-09 21:18 - 00000000 ____D C:\Users\Tobias\VirtualBox VMs
2013-07-09 21:14 - 2013-07-09 21:14 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 21:14 - 2013-07-09 21:14 - 00000000 ____D C:\Program Files\Oracle
2013-07-09 21:14 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-09 21:14 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 20:32 - 2013-07-09 20:32 - 00000000 ____D C:\Users\Tobias\Downloads\mee
2013-07-05 17:46 - 2013-07-05 17:46 - 00000000 ____D C:\Windows\SysWOW64\Adobe
165

==================== One Month Modified Files and Folders =======

2013-08-04 22:08 - 2013-08-04 22:08 - 01781485 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2013-08-04 22:07 - 2013-08-04 22:07 - 00000544 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2013-08-04 22:07 - 2013-08-04 22:07 - 00000168 _____ C:\Users\Tobias\defogger_reenable
2013-08-04 22:07 - 2013-01-05 13:42 - 00000000 ____D C:\Users\Tobias
2013-08-04 22:05 - 2013-08-04 22:05 - 00050477 _____ C:\Users\Tobias\Downloads\Defogger.exe
2013-08-04 22:02 - 2013-08-04 22:02 - 00041602 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130804_220232.reg
2013-08-04 22:02 - 2013-05-30 02:16 - 00000000 ____D C:\Users\Tobias\AppData\Local\LogMeIn Hamachi
2013-08-04 22:02 - 2013-03-18 14:27 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\FileZilla
2013-08-04 22:02 - 2013-01-05 17:17 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Winamp
2013-08-04 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-04 21:52 - 2013-08-04 22:01 - 00000956 _____ C:\Users\Tobias\Desktop\AdwCleaner[R2].txt
2013-08-04 21:52 - 2013-08-04 21:52 - 00000956 _____ C:\AdwCleaner[R2].txt
2013-08-04 21:52 - 2012-07-26 12:27 - 00793640 _____ C:\Windows\system32\perfh007.dat
2013-08-04 21:52 - 2012-07-26 12:27 - 00170422 _____ C:\Windows\system32\perfc007.dat
2013-08-04 21:52 - 2012-07-26 09:28 - 01864284 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-04 21:49 - 2013-01-05 16:57 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Skype
2013-08-04 21:48 - 2013-01-05 15:09 - 00000000 ___RD C:\Users\Tobias\Dropbox
2013-08-04 21:48 - 2013-01-05 15:07 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Dropbox
2013-08-04 21:47 - 2013-02-18 21:06 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-04 21:47 - 2013-01-10 18:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-04 21:47 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-04 21:46 - 2013-01-05 15:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-04 21:45 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-08-04 21:44 - 2013-08-04 22:01 - 00008226 _____ C:\Users\Tobias\Desktop\AdwCleaner[S1].txt
2013-08-04 21:44 - 2013-08-04 22:01 - 00008173 _____ C:\Users\Tobias\Desktop\AdwCleaner[R1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008226 _____ C:\AdwCleaner[S1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008173 _____ C:\AdwCleaner[R1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-08-04 21:42 - 2013-08-04 21:42 - 00666633 _____ C:\Users\Tobias\Downloads\adwcleaner.exe
2013-08-04 21:34 - 2013-01-10 18:31 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-04 21:31 - 2013-02-18 21:06 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-04 21:31 - 2013-01-05 18:03 - 00000000 ____D C:\Users\Tobias\AppData\Local\Adobe
2013-08-04 18:36 - 2013-07-29 17:43 - 00002731 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-04 15:39 - 2013-03-13 00:23 - 00000000 ____D C:\Users\Tobias\AppData\Local\TSVNCache
2013-08-03 20:19 - 2013-08-03 19:59 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Audacity
2013-08-03 20:13 - 2013-08-03 20:13 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-03 20:01 - 2013-01-06 07:15 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\vlc
2013-08-03 19:57 - 2013-08-03 19:57 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-03 19:56 - 2013-08-03 19:56 - 00000000 ____D F:\Eigene Dateien\Eigene Dokumente\eRightSoft
2013-08-03 19:55 - 2013-08-03 19:55 - 00001112 _____ C:\Users\Public\Desktop\SUPER ©.lnk
2013-08-03 19:55 - 2013-08-03 19:55 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-08-03 18:51 - 2013-08-03 18:51 - 00001011 _____ C:\Users\Tobias\Desktop\Audacity.lnk
2013-08-03 18:51 - 2013-08-03 18:51 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-03 18:48 - 2013-07-03 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-03 18:47 - 2013-01-07 14:35 - 00796160 ___SH C:\Users\Tobias\Desktop\Thumbs.db
2013-08-03 17:52 - 2013-08-03 17:51 - 10567577 _____ C:\Users\Tobias\Desktop\Despicable Me 2 _ Minions Banana Song (2013) SNSD TTS - YouTube [1080p].mp4
2013-08-03 14:36 - 2013-07-29 17:32 - 00000030 _____ C:\Users\Tobias\Desktop\Neues Textdokument.txt
2013-08-03 13:18 - 2013-08-03 13:18 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-08-03 13:18 - 2013-02-01 22:26 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\LSC
2013-08-03 13:18 - 2013-01-05 18:19 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-08-03 13:18 - 2013-01-05 17:58 - 00000000 ____D C:\Program Files\Lenovo
2013-08-03 13:17 - 2013-01-05 17:49 - 00000000 ____D C:\Windows\Downloaded Installations
2013-08-01 22:31 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-31 18:54 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-31 14:00 - 2013-01-18 14:21 - 00000000 ____D C:\Users\Tobias\AppData\Local\Deployment
2013-07-30 16:05 - 2013-07-30 16:05 - 00020001 _____ F:\Eigene Dateien\Eigene Dokumente\playlist.m3u
2013-07-29 16:09 - 2013-07-29 16:09 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\ProgramData\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-29 16:01 - 2013-01-06 22:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-28 21:31 - 2013-04-21 05:30 - 00000000 ____D C:\Users\Tobias\UMLet
2013-07-28 14:58 - 2013-01-08 07:12 - 00009216 ___SH C:\Users\Tobias\Thumbs.db
2013-07-27 16:17 - 2013-01-06 22:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-26 15:02 - 2013-01-05 15:45 - 00000000 ____D C:\Users\Tobias\AppData\Local\Microsoft Help
2013-07-25 13:35 - 2013-07-25 13:35 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\postgresql
2013-07-25 13:28 - 2013-07-25 13:28 - 00000000 ____D C:\Program Files (x86)\OpenNMS
2013-07-25 13:25 - 2013-07-25 13:25 - 00000000 ____D C:\Users\Tobias\Downloads\standalone-opennms-installer-1.10.11-1
2013-07-25 13:13 - 2013-07-25 13:13 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131327
2013-07-25 13:13 - 2013-07-25 13:12 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131303
2013-07-25 13:12 - 2013-07-25 13:12 - 14549528 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgbouncer.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 12931216 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgagent.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131254
2013-07-25 13:12 - 2013-07-25 13:12 - 07612832 _____ (EnterpriseDB) C:\Users\Tobias\edb_npgsql.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 06976584 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgjdbc.exe
2013-07-25 13:07 - 2013-07-25 13:07 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-24 10:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-07-23 22:12 - 2013-01-06 21:04 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\TS3Client
2013-07-23 00:06 - 2013-01-27 23:34 - 00000000 ____D C:\Users\Tobias\.gimp-2.8
2013-07-22 23:56 - 2013-07-22 23:56 - 00006936 _____ C:\Users\Tobias\AppData\Local\recently-used.xbel
2013-07-20 01:58 - 2013-07-20 01:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-20 01:58 - 2013-07-20 01:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-20 01:58 - 2013-01-10 19:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-20 01:58 - 2013-01-10 19:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-19 00:14 - 2013-07-19 00:13 - 00064764 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130719_001357.reg
2013-07-18 17:34 - 2013-07-18 17:30 - 00000000 ____D C:\Users\Tobias\Desktop\db
2013-07-18 17:30 - 2013-01-06 22:06 - 00000744 _____ C:\Users\Tobias\.Xauthority
2013-07-18 17:30 - 2013-01-06 22:05 - 00000000 ____D C:\Users\Tobias\.nx
2013-07-18 08:02 - 2013-07-29 16:03 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-07-29 16:03 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-18 08:02 - 2013-07-29 16:03 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 15:26 - 2013-07-17 15:26 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-17 15:26 - 2013-03-12 04:01 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-17 15:26 - 2013-03-12 04:01 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-17 15:26 - 2013-03-12 04:01 - 00000000 ____D C:\Program Files\Java
2013-07-14 17:35 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 04:26 - 2013-02-18 21:06 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 04:26 - 2013-02-18 21:06 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 21:16 - 2013-07-12 21:16 - 00000000 ____D C:\Users\Tobias\Downloads\easy_youtube_video_downloader-6.8-fx.xpi
2013-07-12 20:40 - 2013-07-12 20:37 - 00479744 _____ C:\Users\Tobias\Desktop\Ressrechner.xls
2013-07-12 18:08 - 2013-01-05 18:02 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Lenovo
2013-07-12 18:08 - 2013-01-05 17:58 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-07-12 18:07 - 2013-01-05 18:01 - 00000006 _____ C:\Windows\systemtype.txt
2013-07-12 18:07 - 2013-01-05 18:01 - 00000000 ____D C:\Users\Tobias\AppData\Local\Downloaded Installations
2013-07-11 13:15 - 2013-01-05 18:45 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2013-07-11 13:11 - 2013-03-13 19:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-11 13:11 - 2013-03-13 19:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 01:59 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 21:15 - 2013-03-12 04:04 - 00000000 ____D C:\Users\Tobias\AppData\Local\Eclipse
2013-07-10 18:49 - 2013-01-05 13:50 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2333296273-3257369993-2269393847-1001
2013-07-10 18:39 - 2013-02-01 22:28 - 00000000 ____D C:\ldiag
2013-07-10 01:08 - 2013-01-05 15:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 01:05 - 2013-01-06 17:58 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-09 23:49 - 2013-07-09 21:18 - 00000000 ____D C:\Users\Tobias\.VirtualBox
2013-07-09 21:26 - 2013-04-12 14:36 - 00000000 ____D C:\ProgramData\VMware
2013-07-09 21:25 - 2013-04-12 14:37 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\VMware
2013-07-09 21:18 - 2013-07-09 21:18 - 00000000 ____D C:\Users\Tobias\VirtualBox VMs
2013-07-09 21:15 - 2013-04-12 14:37 - 00000000 ____D C:\Users\Tobias\AppData\Local\VMware
2013-07-09 21:14 - 2013-07-09 21:14 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 21:14 - 2013-07-09 21:14 - 00000000 ____D C:\Program Files\Oracle
2013-07-09 20:58 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-07-09 20:32 - 2013-07-09 20:32 - 00000000 ____D C:\Users\Tobias\Downloads\mee
2013-07-09 17:23 - 2013-01-12 12:56 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-08 21:34 - 2013-01-05 13:42 - 00000000 ____D C:\Users\Tobias\AppData\Local\VirtualStore
2013-07-07 04:03 - 2013-01-06 21:04 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-07-07 02:49 - 2013-04-10 21:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-07 02:49 - 2013-01-05 16:57 - 00000000 ____D C:\ProgramData\Skype
2013-07-05 17:46 - 2013-07-05 17:46 - 00000000 ____D C:\Windows\SysWOW64\Adobe

Files to move or delete:
====================
C:\Users\Tobias\edb_npgsql.exe
C:\Users\Tobias\edb_pgagent.exe
C:\Users\Tobias\edb_pgbouncer.exe
C:\Users\Tobias\edb_pgjdbc.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 03:47

==================== End Of Log ============================

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2013
Ran by Tobias at 2013-08-04 22:10:03
Running from C:\Users\Tobias\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
8GadgetPack (x32 Version: 4.1.0)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Adolix Split and Merge PDF v2.1 (x32)
Akamai NetSession Interface (HKCU)
Audacity 2.0.3 (x32 Version: 2.0.3)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.02040)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.02040)
Classic Shell (Version: 3.6.8)
Clover 3.0 (x32 Version: 3.0)
CodeBlocks (HKCU Version: 12.11)
Company of Heroes (New Steam Version) (x32)
Company of Heroes: Opposing Fronts (x32)
Counter-Strike (x32)
Counter-Strike: Global Offensive (x32)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Darksiders (x32)
DarksidersInstaller (x32 Version: 1.00.1000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dexpot (HKCU Version: 1.6.5)
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16)
Dropbox (HKCU Version: 2.0.22)
eaner (Version: 4.01)
FileZilla Client 3.2.7.1 (HKCU Version: 3.2.7.1)
GIMP 2.8.2 (Version: 2.8.2)
Google Drive (x32 Version: 1.10.4769.632)
Google Update Helper (x32 Version: 1.3.21.153)
Half-Life 2 (x32)
Hdd Speed Test Tool v. 1.0.14 (RC 1) (x32)
Help Center (x32 Version: 2.00n)
Heroes of Newerth (x32 Version: 2.3.0)
Hitman: Absolution (x32)
Homefront (x32)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2813041) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2529927) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2548139) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2549864) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2635973) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2813041) (x32 Version: 1)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
ImgBurn (x32 Version: 2.5.7.0)
Inkscape 0.48.4 (x32 Version: 0.48.4)
Integrated Camera Driver Installer Package Ver.1.0.0.19 (x32 Version: 1.0.0.19)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Network Connections Drivers (Version: 18.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.7.0503)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) WiDi (Version: 3.5.34.0)
Intel® PROSet/Wireless WiFi-Software (Version: 15.05.7000.1763)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java SE Development Kit 7 Update 17 (64-bit) (Version: 1.7.0.170)
LAME v3.99.3 (for Windows) (x32)
Lenovo Auto Scroll Utility (Version: 2.00)
Lenovo Patch Utility (x32 Version: 1.3.2.6)
Lenovo Patch Utility 64 bit (Version: 1.3.2.6)
Lenovo Power Management Driver (Version: 1.66.00.22)
Lenovo QuickLaunch (x32 Version: 1.2.0010)
Lenovo Settings - Camera Audio (Version: 4.0.96.0)
Lenovo Settings Dependency Package (Version: 1.1.1.10)
Lenovo Settings Mobile Hotspot (Version: 1.1.0.57)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo System Update (x32 Version: 5.02.0018)
Listary version 4.00 (Version: 4.00)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219)
Microsoft Office 2010 Primary Interop Assemblies (x32 Version: 14.0.4763.1024)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight 3 SDK - Deutsch (x32 Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK - Deutsch (x32 Version: 4.0.50826.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (x32 Version: 10.50.1752.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 de (x32 Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (x32 Version: 10.0.30319)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727)
Microsoft Visual J# 2.0 Redistributable Package (x32)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31010)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.31007)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729)
Microsoft Visual Studio ProjectAggregator2 (x32 Version: 1.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
MiKTeX 2.9 (Version: 2.9)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MyFreeCodec (HKCU)
Nalpeiron License Management (x32 Version: 6.3.9.1)
Notepad++ (x32 Version: 6.3.2)
NVIDIA 3D Vision Treiber 311.00 (Version: 311.00)
NVIDIA Grafiktreiber 311.00 (Version: 311.00)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.09.1112)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1100)
NVIDIA Systemsteuerung 311.00 (Version: 311.00)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
NX Client for Windows 3.5.0-9 (x32 Version: 3.5.0-9)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
PDF-Viewer (Version: 2.5.207.0)
Python 2.7.5 (x32 Version: 2.7.5150)
Raptr (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
RICOH_Media_Driver_v2.24.18.01 (x32 Version: 2.24.18.01)
Samsung Kies (x32 Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Secure Download Manager (x32 Version: 3.1.0)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (Version: 10.1.2531.0)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (x32 Version: 1.0.0)
Sicherheitsupdate für Microsoft Visual Studio 2010 Ultimate - DEU (KB2645410) (x32 Version: 1)
Skype™ 6.6 (x32 Version: 6.6.106)
SpeedSim (x32 Version: 0.9.8.1b)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Steam (x32 Version: 1.0.0.0)
SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (x32 Version: v2013.build.57+Recorder)
swMSM (x32 Version: 12.0.0.1)
Team Fortress 2 (x32)
TeamSpeak 3 Client (x32 Version: 3.0.10.1)
TeamViewer 8 (x32 Version: 8.0.19617)
TeXstudio 2.3 (x32 Version: 2.3.0)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.5200)
ThinkPad UltraNav Driver (Version: 16.2.19.7)
ThinkVantage Fingerprint Software (Version: 5.9.9.7282)
ThinkVantage Password Manager (x32 Version: 4.10.20.0)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.77.0.11)
Titan Quest (x32)
TortoiseSVN 1.7.11.23600 (64 bit) (Version: 1.7.23600)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0)
VLC media player 2.0.6 (Version: 2.0.6)
Warframe (x32)
Warhammer 40,000 Space Marine (x32)
WCF RIA Services V1.0 SP1 (x32 Version: 4.1.60114.0)
Web Deployment Tool (Version: 1.1.0618)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)

==================== Restore Points  =========================

19-07-2013 23:57:44 Installed Java 7 Update 25
28-07-2013 23:44:28 Geplanter Prüfpunkt
03-08-2013 11:18:01 Installed Lenovo Solution Center.
04-08-2013 19:15:55 Removed System Requirements Lab CYRI

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09BECB00-D87C-4B1C-9641-32E9E2E7A606} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {0AEBF994-7B6C-45A4-AB2B-5113E815EB81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-04] (Adobe Systems Incorporated)
Task: {0FDFC812-F2D4-49B4-9851-B2C353FC51D5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {11A1117D-8851-418E-91DE-09F5F6A565DC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {13022200-86B4-4637-9578-4E1759AB6CF9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe No File
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {156A4253-A1DD-401F-A586-D16E95B2F75E} - System32\Tasks\Lenovo\Lenovo-14716 => C:\ProgramData\Lenovo-14716.vbs [2013-01-06] ()
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {283C7CEF-15F6-460D-A4B7-36568778C890} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2333296273-3257369993-2269393847-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {34FBF41F-D77F-42C6-860F-4974F8E5BCB1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AB30080-60A1-4629-9828-3553D2738253} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3CD68369-EF40-415F-AFAD-F8D7B11371CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {41127BFC-D610-466D-883E-CA21C4AEDC16} - System32\Tasks\Lenovo\Lenovo-21673 => C:\ProgramData\Lenovo-21673.vbs [2013-01-05] ()
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {467FF867-4C09-499C-8F91-EEB06E5FB121} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4A4829B2-65CF-439A-9298-304BE12CCC26} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4CBBFF35-5009-4E8E-9EC7-28C7E82766C6} - System32\Tasks\Lenovo\Lenovo-2931 => C:\ProgramData\Lenovo-2931.vbs [2013-02-02] ()
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7EC445AC-FF04-4F80-B296-A37D6548FF82} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {8353DFEC-E42D-4CC8-A01E-52FD0F7193EA} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8BE251E3-BEF9-4E59-A185-93167EF0AAC5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2333296273-3257369993-2269393847-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {9848B566-0A09-4503-83EA-4C401301E5C9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9DBE223D-8682-49F5-B130-F9E7F4C46377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {A28F7384-5885-4E54-80A4-DE24BA173A6F} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B09AD285-749B-4E4A-8FFF-770025228394} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C6FBA914-71C5-44B6-AC78-2FACF5671677} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {CAB13F1E-C5F2-4C1D-AAA6-4444ED9CDD06} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {CBBCFF45-3EAA-4CE3-84B2-B3E261B25D91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D4EB2587-3862-42AC-BDE0-7C98B6161503} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DE2D7E0F-5B1F-46A3-89B3-96D99A9D1133} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2333296273-3257369993-2269393847-1001
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E09734A3-D808-4A96-A702-C672E297072E} - System32\Tasks\Lenovo\Lenovo-14654 => C:\ProgramData\Lenovo-14654.vbs [2013-01-06] ()
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E653890E-11B2-413D-B237-9663F317E644} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-26] ()
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E8E48D9A-30E3-4DEE-BCA8-DFEDDA3DA469} - System32\Tasks\Listary => C:\Program Files\Listary\Listary.exe [2013-04-06] (Bopsoft)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN-Miniport (Netzwerkmonitor) #2
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: GT-I9100
Description: GT-I9100
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd. 
Service: WUDFWpdMtp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2013 03:51:21 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (08/03/2013 07:54:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 1.1.3.8, Zeitstempel: 0x51fa0117
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1519.190, Zeitstempel: 0x51f24af7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00178d49
ID des fehlerhaften Prozesses: 0x27f4
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3
Vollständiger Name des fehlerhaften Pakets: Updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Updater.exe5

Error: (08/03/2013 07:54:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 1.1.3.8, Zeitstempel: 0x51fa0117
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1519.190, Zeitstempel: 0x51f24af7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00178d49
ID des fehlerhaften Prozesses: 0x27f4
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3
Vollständiger Name des fehlerhaften Pakets: Updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Updater.exe5

Error: (08/03/2013 06:48:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: bprotect.exe, Version: 2.6.1519.190, Zeitstempel: 0x51f24b41
Name des fehlerhaften Moduls: BrowserDefender.dll, Version: 2.6.1519.190, Zeitstempel: 0x51f24af7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00178d49
ID des fehlerhaften Prozesses: 0x14c4
Startzeit der fehlerhaften Anwendung: 0xbprotect.exe0
Pfad der fehlerhaften Anwendung: bprotect.exe1
Pfad des fehlerhaften Moduls: bprotect.exe2
Berichtskennung: bprotect.exe3
Vollständiger Name des fehlerhaften Pakets: bprotect.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bprotect.exe5

Error: (08/03/2013 06:48:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: bprotect.exe, Version: 2.6.1519.190, Zeitstempel: 0x51f24b41
Name des fehlerhaften Moduls: BrowserDefender.dll, Version: 2.6.1519.190, Zeitstempel: 0x51f24af7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00178d49
ID des fehlerhaften Prozesses: 0x14c4
Startzeit der fehlerhaften Anwendung: 0xbprotect.exe0
Pfad der fehlerhaften Anwendung: bprotect.exe1
Pfad des fehlerhaften Moduls: bprotect.exe2
Berichtskennung: bprotect.exe3
Vollständiger Name des fehlerhaften Pakets: bprotect.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bprotect.exe5

Error: (08/02/2013 02:55:50 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (07/30/2013 10:36:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WLANExt.exe, Version: 6.2.9200.16384, Zeitstempel: 0x5010891a
Name des fehlerhaften Moduls: IWMSSvc.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50a5a3ad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007f9d8866e53
ID des fehlerhaften Prozesses: 0x780
Startzeit der fehlerhaften Anwendung: 0xWLANExt.exe0
Pfad der fehlerhaften Anwendung: WLANExt.exe1
Pfad des fehlerhaften Moduls: WLANExt.exe2
Berichtskennung: WLANExt.exe3
Vollständiger Name des fehlerhaften Pakets: WLANExt.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WLANExt.exe5

Error: (07/30/2013 02:16:15 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (07/30/2013 02:02:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: TOBI-NOTEBOOK)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/29/2013 07:09:06 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005


System errors:
=============
Error: (08/04/2013 09:50:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist von folgendem Dienst abhängig: WSearch. Dieser Dienst ist möglicherweise nicht installiert.

Error: (08/04/2013 09:50:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/04/2013 09:50:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/04/2013 09:48:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/04/2013 09:48:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/04/2013 09:48:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{E6442437-6C68-4F52-94DD-2CFED267EFB9}{E6442437-6C68-4F52-94DD-2CFED267EFB9}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/04/2013 09:48:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/04/2013 09:48:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/04/2013 09:48:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gerätezuordnungsdienst" wurde nicht richtig gestartet.

Error: (08/04/2013 09:47:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (08/04/2013 03:51:21 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (08/03/2013 07:54:54 PM) (Source: Application Error)(User: )
Description: Updater.exe1.1.3.851fa0117browse~1.dll2.6.1519.19051f24af7c000000500178d4927f401ce90728dbbfd33C:\Users\Tobias\AppData\Local\SwvUpdater\Updater.exec:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dllcd15f52b-fc65-11e2-bf1d-247703d02304

Error: (08/03/2013 07:54:53 PM) (Source: Application Error)(User: )
Description: Updater.exe1.1.3.851fa0117browse~1.dll2.6.1519.19051f24af7c000000500178d4927f401ce90728dbbfd33C:\Users\Tobias\AppData\Local\SwvUpdater\Updater.exec:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dllcc2774cf-fc65-11e2-bf1d-247703d02304

Error: (08/03/2013 06:48:13 PM) (Source: Application Error)(User: )
Description: bprotect.exe2.6.1519.19051f24b41BrowserDefender.dll2.6.1519.19051f24af7c000000500178d4914c401ce90693b9cf718C:\Users\Tobias\AppData\Local\Temp\nst524A.tmp\bprotect.exeC:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll7c437e13-fc5c-11e2-bf1d-247703d02304

Error: (08/03/2013 06:48:12 PM) (Source: Application Error)(User: )
Description: bprotect.exe2.6.1519.19051f24b41BrowserDefender.dll2.6.1519.19051f24af7c000000500178d4914c401ce90693b9cf718C:\Users\Tobias\AppData\Local\Temp\nst524A.tmp\bprotect.exeC:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll7b478deb-fc5c-11e2-bf1d-247703d02304

Error: (08/02/2013 02:55:50 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (07/30/2013 10:36:27 PM) (Source: Application Error)(User: )
Description: WLANExt.exe6.2.9200.163845010891aIWMSSvc.dll_unloaded0.0.0.050a5a3adc0000005000007f9d8866e5378001ce8c7a18fd9800C:\Windows\system32\WLANExt.exeIWMSSvc.dllb4ebe7b4-f957-11e2-bf1c-0021ccd37e34

Error: (07/30/2013 02:16:15 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (07/30/2013 02:02:45 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: TOBI-NOTEBOOK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174

Error: (07/29/2013 07:09:06 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005


CodeIntegrity Errors:
===================================
  Date: 2013-08-04 21:48:47.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 18:37:20.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 15:39:35.490
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:17.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:17.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:16.299
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:16.232
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-31 12:04:01.153
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-30 15:24:23.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-29 18:39:35.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 7889.63 MB
Available physical RAM: 5363.22 MB
Total Pagefile: 9105.63 MB
Available Pagefile: 6381.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:44.86 GB) NTFS (Disk=1 Partition=1)
Drive f: (Daten) (Fixed) (Total:433.3 GB) (Free:186.63 GB) NTFS (Disk=0 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 17F78249)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=433 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 17F78251)
Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Bevor ich dann GMER ausführen wollte, hab ich wie in der Anweisung versucht, antivir zu deaktivieren. Allerdings bekam ich dann diesen Fehler:
"Auf das angegebene Gerät bzw. den Pfad oder die Datei kann nicht zugegriffen werden. Sie verfügen ggt. nicht über ausreichende Berechtigung, um auf das Element zugreifen zu können"
Edit:Hab vergessen zu erwähnen, dass ich nen scan mit avira gestartet habe, aber nach über 5 minuten noch keine Datei durchsucht wurde und es sich dann beim beenden aufgehängt hat
Hab WLAN wieder aktiviert und bin prompt beim googlen nach dem Problem wieder auf nen Thread von euch gestoßen: http://www.trojaner-board.de/130981-...te-bereit.html wobei ich, im gegensatz zu der Person in dem Thread, alle anderen Programme die ich bisher getestet habe öffnen kann, nur antivir lässt sich nicht mehr verändern.
Darum glaube ich, dass es durch den registry clean von CCleaner passiert ist. ich hab allerdings vor dem clean das reg file gespeichert, falls das was bringt.

Auf jedenfall hab ich dann trotzdem mal GMER gestartet, aber es hat sich nach einer Minute aufgehängt (Windows Meldung:"Das Programm funktioniert nicht mehr richtig")

Die erste und wichtigste Frage die ich habe:
Wie man an den logfiles ersehen kann, hab ich ein lenovo t430. Ich habe alle meine Passwörter nicht im Firefox, sondern in dem "Password Manager" von Lenovo gespeichert, der Zugang nur nach abscannen des Fingerabdrucks zulässt. Sind diese Passwörter noch verwendbar? ich hab nämlich ziemlich viele und erst letztens alle geändert. Ich hoffe doch mal, dass die Passwörter bei dem Programm sicherer abgelegt sind, als im Firefox oder?

Die zweite Frage: Wie löse ich das Problem mit avira, da ich ja sonst GMER nicht ausführen kann?
drittens: Woran könnte die Hohe Auslastung des PCs liegen. (Zu viele Prozesse?)
Und viertens: Ist das Problem mit der webcake deinstallation erledigt?

Wäre echt froh, wenn mir jemand helfen könnte, auch wenn ich durch mein eigenes "Rumdoktoren" noch nen Fehler verursacht hab

Vielen Dank schonmal im Vorraus und ich hoffe ich habe alles recht ausführlich beschrieben

Gruß night507

schrauber · 05.08.2013, 04:25

Hi,

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Und ein frisches frst log bitte.

night507 · 05.08.2013, 12:16

Hi, das Problem mit antivir hat sich übrigens nach nem neustart erledigt, soll ich dann jetzt GMER auch mal durchlaufen lassen?.
Und nachdem ich 2 Programme die ich nicht sehr häufig benutzt hab, aber immer im hintergrund liefen, deinstalliert hatte, hat sich die Prozessorauslastung auch wieder verringert ^^

So, hir mal die Logs:

Malwarebytes:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.05.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Tobias :: TOBI-NOTEBOOK [Administrator]

05.08.2013 13:02:23
mbam-log-2013-08-05 (13-02-23).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 242850
Laufzeit: 2 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

frisches FRST:
FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-08-2013
Ran by Tobias (administrator) on 05-08-2013 13:09:37
Running from C:\Users\Tobias\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Tobias\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe [51712 2012-07-26] (Microsoft Corporation)
HKLM\...\Run: [TpShocks] - C:\WINDOWS\SYSTEM32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-04-11] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation)
HKLM\...\Run: [PasswordManager] - C:\Program Files\Lenovo\Password Manager\password_manager.exe [1534888 2012-10-23] (Lenovo Group Limited)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\skipmetrosuite.exe,
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Tobias\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
MountPoints2: {6dacaacc-bdee-11e2-bec2-689423ec0b00} - "D:\Windows\CHECK\DriveNavigator.exe" 
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [59392 2012-05-02] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [x]
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [701872 2013-01-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-05-17] (Lenovo)
HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] - C:\Users\Tobias\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll c:\windows\syswow64\nvinit.dll [245872 2013-01-11] ()
IMEO\sidebar.exe: [Debugger] C:\Program Files (x86)\Windows Sidebar\8GadgetPack.exe -run
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

ProxyServer: proxy.fh-albsig.de:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {E0A620E2-999C-4647-86B9-EE413DD791BD} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN38280861895722233&UM=1&SSPV=SP_IENSP08
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Password Manager\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - f:\Programme\Microsoft Visual Studio 2010 Ultimate\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.hs-albsig.de/CACHE/stc/1/binaries/vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Extension: adblockpopups - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: antigameorigin - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\antigameorigin@antigame.de.xpi
FF Extension: firebug - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: gmailwatcher - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\gmailwatcher@sonthakit.xpi
FF Extension: jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi
FF Extension: mytube - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\mytube@ashishmishra.in.xpi
FF Extension: searchy - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\searchy@searchy.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: youtube2mp3 - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: YoutubeDownloader - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{71bfcce7-421d-4042-95d4-a585a821cbca}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF Extension: No Name - C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\io7w1y72.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [811064 2013-07-18] (Avira Operations GmbH & Co. KG)
R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-02] (Broadcom Corporation.)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-12-26] (Lenovo.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-04-11] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [463352 2013-03-27] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83672 2013-07-18] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-02] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 BTWPANFL; C:\Windows\system32\drivers\btwpanfl.sys [44912 2013-01-19] (Broadcom Corporation.)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-09] (DT Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [452432 2012-11-26] (Intel Corporation)
R3 LenovoRd; C:\Windows\system32\DRIVERS\LenovoRd.sys [126848 2012-12-06] (Gemalto)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-11-22] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [284448 2013-01-11] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-18] (Synaptics Incorporated)
R2 smihlp2; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 tvtvcamd; C:\Windows\system32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [50128 2013-01-24] (Cisco Systems, Inc.)
S3 VSPerfDrv100; F:\Programme\Microsoft Visual Studio 2010 Ultimate\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S3 VSPerfDrv100; F:\Programme\Microsoft Visual Studio 2010 Ultimate\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [x]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-05 13:00 - 2013-08-05 13:00 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-05 13:00 - 2013-08-05 13:00 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Malwarebytes
2013-08-05 13:00 - 2013-08-05 13:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-05 13:00 - 2013-08-05 13:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 13:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-05 12:56 - 2013-08-05 12:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-05 00:49 - 2013-08-05 00:50 - 00000000 ____D C:\Windows\system32\MRT
2013-08-05 00:39 - 2013-08-05 00:39 - 00423280 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 00:39 - 2013-08-05 00:39 - 00003596 _____ C:\Windows\PFRO.log
2013-08-04 22:46 - 2013-08-05 12:56 - 00376658 _____ C:\Windows\WindowsUpdate.log
2013-08-04 22:26 - 2013-08-04 22:26 - 00377856 _____ C:\Users\Tobias\Downloads\gcnqydz1.exe
2013-08-04 22:11 - 2013-08-04 22:11 - 00055457 _____ C:\Users\Tobias\Desktop\FRST.txt
2013-08-04 22:10 - 2013-08-04 22:11 - 00042878 _____ C:\Users\Tobias\Desktop\Addition.txt
2013-08-04 22:09 - 2013-08-04 22:09 - 00000000 ____D C:\FRST
2013-08-04 22:08 - 2013-08-04 22:08 - 01781485 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2013-08-04 22:07 - 2013-08-04 22:07 - 00000544 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2013-08-04 22:07 - 2013-08-04 22:07 - 00000168 _____ C:\Users\Tobias\defogger_reenable
2013-08-04 22:05 - 2013-08-04 22:05 - 00050477 _____ C:\Users\Tobias\Downloads\Defogger.exe
2013-08-04 22:02 - 2013-08-04 22:02 - 00041602 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130804_220232.reg
2013-08-04 22:01 - 2013-08-04 21:52 - 00000956 _____ C:\Users\Tobias\Desktop\AdwCleaner[R2].txt
2013-08-04 22:01 - 2013-08-04 21:44 - 00008226 _____ C:\Users\Tobias\Desktop\AdwCleaner[S1].txt
2013-08-04 22:01 - 2013-08-04 21:44 - 00008173 _____ C:\Users\Tobias\Desktop\AdwCleaner[R1].txt
2013-08-04 21:52 - 2013-08-04 21:52 - 00000956 _____ C:\AdwCleaner[R2].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008226 _____ C:\AdwCleaner[S1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008173 _____ C:\AdwCleaner[R1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-08-04 21:42 - 2013-08-04 21:42 - 00666633 _____ C:\Users\Tobias\Downloads\adwcleaner.exe
2013-08-03 20:13 - 2013-08-03 20:13 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-03 19:59 - 2013-08-03 20:19 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Audacity
2013-08-03 19:57 - 2013-08-03 19:57 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-03 19:57 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-08-03 19:57 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-08-03 19:57 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-08-03 19:57 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-08-03 19:57 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-08-03 19:56 - 2013-08-03 19:56 - 00000000 ____D F:\Eigene Dateien\Eigene Dokumente\eRightSoft
2013-08-03 19:55 - 2013-08-03 19:55 - 00001112 _____ C:\Users\Public\Desktop\SUPER ©.lnk
2013-08-03 19:55 - 2013-08-03 19:55 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-08-03 19:55 - 2012-10-05 19:54 - 00188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2013-08-03 19:55 - 2011-06-14 20:05 - 00121344 __RSH C:\Windows\SysWOW64\TAKDSDecoder.ax
2013-08-03 19:55 - 2011-02-11 11:26 - 00112128 __RSH C:\Windows\SysWOW64\OptimFROG.dll
2013-08-03 19:55 - 2010-01-07 00:00 - 00107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2013-08-03 19:55 - 2009-03-17 10:38 - 00070656 __RSH C:\Windows\SysWOW64\RLAPEDec.ax
2013-08-03 19:55 - 2009-01-18 17:15 - 00120832 __RSH C:\Windows\SysWOW64\MPCDx.ax
2013-08-03 19:55 - 2009-01-18 12:03 - 00107520 __RSH C:\Windows\SysWOW64\RLMPCDec.ax
2013-08-03 19:55 - 2008-03-16 14:30 - 00216064 __RSH (MONOGRAM Multimedia, s.r.o.) C:\Windows\SysWOW64\nbDX.dll
2013-08-03 19:55 - 2007-02-21 12:47 - 00031232 __RSH (Hans Mayerl) C:\Windows\SysWOW64\msfDX.dll
2013-08-03 19:55 - 2006-09-12 12:46 - 00227328 __RSH () C:\Windows\SysWOW64\ac3DX.ax
2013-08-03 19:55 - 2006-08-16 15:53 - 00175104 __RSH () C:\Windows\SysWOW64\CoreAAC.ax
2013-08-03 19:55 - 2006-05-03 11:06 - 00163328 __RSH (Gabest) C:\Windows\SysWOW64\flvDX.dll
2013-08-03 19:55 - 2006-03-10 21:21 - 00195584 __RSH C:\Windows\SysWOW64\MatroskaDX.ax
2013-08-03 19:55 - 2006-01-13 00:23 - 00123904 __RSH (CoreCodec) C:\Windows\SysWOW64\AVCDX.ax
2013-08-03 19:55 - 2005-11-25 21:46 - 00161792 __RSH (Gabest) C:\Windows\SysWOW64\RealMediaDX.ax
2013-08-03 19:55 - 2005-02-22 17:55 - 00081920 __RSH C:\Windows\SysWOW64\aac_parser.ax
2013-08-03 19:55 - 2005-02-13 00:00 - 00186880 __RSH (RadLight) C:\Windows\SysWOW64\RLOgg.ax
2013-08-03 19:55 - 2005-02-13 00:00 - 00067584 __RSH (RadLight, LLC) C:\Windows\SysWOW64\RLTheoraDec.ax
2013-08-03 19:55 - 2005-02-13 00:00 - 00051712 __RSH C:\Windows\SysWOW64\RLSpeexDec.ax
2013-08-03 19:55 - 2005-02-06 00:00 - 00092672 __RSH (RadLight) C:\Windows\SysWOW64\RLVorbisDec.ax
2013-08-03 19:55 - 2005-01-18 00:26 - 00179200 __RSH (Gabest) C:\Windows\SysWOW64\DiracSplitter.ax
2013-08-03 19:55 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-08-03 19:55 - 2004-09-17 04:07 - 00090112 __RSH (-) C:\Windows\SysWOW64\TTADSSplitter.ax
2013-08-03 19:55 - 2004-08-22 11:56 - 00090112 __RSH (-) C:\Windows\SysWOW64\TTADSDecoder.ax
2013-08-03 19:55 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-08-03 19:55 - 2004-04-27 17:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2013-08-03 19:55 - 2003-12-07 08:59 - 00097280 __RSH C:\Windows\SysWOW64\FLACDX.ax
2013-08-03 18:51 - 2013-08-03 18:51 - 00001011 _____ C:\Users\Tobias\Desktop\Audacity.lnk
2013-08-03 18:51 - 2013-08-03 18:51 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-03 17:51 - 2013-08-03 17:52 - 10567577 _____ C:\Users\Tobias\Desktop\Despicable Me 2 _ Minions Banana Song (2013) SNSD TTS - YouTube [1080p].mp4
2013-08-03 13:18 - 2013-08-03 13:18 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-07-30 16:05 - 2013-07-30 16:05 - 00020001 _____ F:\Eigene Dateien\Eigene Dokumente\playlist.m3u
2013-07-29 17:43 - 2013-08-05 05:47 - 00003823 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-07-29 17:32 - 2013-08-03 14:36 - 00000030 _____ C:\Users\Tobias\Desktop\Neues Textdokument.txt
2013-07-29 16:09 - 2013-07-29 16:09 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\ProgramData\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-29 16:03 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-29 16:03 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-29 16:03 - 2013-07-18 08:02 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-29 16:03 - 2013-02-26 16:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-25 13:35 - 2013-07-25 13:35 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\postgresql
2013-07-25 13:28 - 2013-07-25 13:28 - 00000000 ____D C:\Program Files (x86)\OpenNMS
2013-07-25 13:25 - 2013-07-25 13:25 - 00000000 ____D C:\Users\Tobias\Downloads\standalone-opennms-installer-1.10.11-1
2013-07-25 13:13 - 2013-07-25 13:13 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131327
2013-07-25 13:12 - 2013-07-25 13:13 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131303
2013-07-25 13:12 - 2013-07-25 13:12 - 14549528 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgbouncer.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 12931216 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgagent.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131254
2013-07-25 13:12 - 2013-07-25 13:12 - 07612832 _____ (EnterpriseDB) C:\Users\Tobias\edb_npgsql.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 06976584 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgjdbc.exe
2013-07-25 13:07 - 2013-07-25 13:07 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-22 23:56 - 2013-07-22 23:56 - 00006936 _____ C:\Users\Tobias\AppData\Local\recently-used.xbel
2013-07-20 01:58 - 2013-07-20 01:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-20 01:58 - 2013-07-20 01:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-19 00:13 - 2013-07-19 00:14 - 00064764 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130719_001357.reg
2013-07-18 17:30 - 2013-07-18 17:34 - 00000000 ____D C:\Users\Tobias\Desktop\db
2013-07-17 15:26 - 2013-07-17 15:26 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-17 02:49 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-17 02:49 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-17 02:49 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-17 02:49 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-17 02:49 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-17 02:49 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-17 02:49 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-17 02:49 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-17 02:49 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-17 02:49 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-17 02:49 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-17 02:49 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-17 02:49 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-17 02:49 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-17 02:49 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-17 02:49 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-17 02:49 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-17 02:49 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-17 02:49 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-17 02:49 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-17 02:49 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-17 02:49 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-17 02:49 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-17 02:49 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-17 02:49 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-17 02:49 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-17 02:49 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-17 02:49 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-17 02:49 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-17 02:49 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-17 02:49 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-17 02:49 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-12 21:16 - 2013-07-12 21:16 - 00000000 ____D C:\Users\Tobias\Downloads\easy_youtube_video_downloader-6.8-fx.xpi
2013-07-12 20:37 - 2013-07-12 20:40 - 00479744 _____ C:\Users\Tobias\Desktop\Ressrechner.xls
2013-07-09 23:36 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-09 23:36 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 23:36 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 23:36 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-09 23:36 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-09 23:35 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-09 23:35 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-09 23:35 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-09 23:35 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 23:35 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 23:35 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 23:35 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 23:35 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 23:34 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-09 23:34 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-09 21:18 - 2013-07-09 23:49 - 00000000 ____D C:\Users\Tobias\.VirtualBox
2013-07-09 21:18 - 2013-07-09 21:18 - 00000000 ____D C:\Users\Tobias\VirtualBox VMs
2013-07-09 21:14 - 2013-07-09 21:14 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 21:14 - 2013-07-09 21:14 - 00000000 ____D C:\Program Files\Oracle
2013-07-09 21:14 - 2013-07-04 15:58 - 00238352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-07-09 21:14 - 2013-07-04 15:57 - 00120080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-07-09 20:32 - 2013-07-09 20:32 - 00000000 ____D C:\Users\Tobias\Downloads\mee
179

==================== One Month Modified Files and Folders =======

2013-08-05 13:04 - 2013-01-05 16:57 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Skype
2013-08-05 13:00 - 2013-08-05 13:00 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-05 13:00 - 2013-08-05 13:00 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Malwarebytes
2013-08-05 13:00 - 2013-08-05 13:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-05 13:00 - 2013-08-05 13:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-05 13:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-05 12:57 - 2013-08-05 12:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-05 12:56 - 2013-08-04 22:46 - 00376658 _____ C:\Windows\WindowsUpdate.log
2013-08-05 12:31 - 2013-02-18 21:06 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-05 10:59 - 2012-07-26 12:27 - 00793640 _____ C:\Windows\system32\perfh007.dat
2013-08-05 10:59 - 2012-07-26 12:27 - 00170422 _____ C:\Windows\system32\perfc007.dat
2013-08-05 10:59 - 2012-07-26 09:28 - 01864284 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-05 10:56 - 2013-01-05 15:09 - 00000000 ___RD C:\Users\Tobias\Dropbox
2013-08-05 10:56 - 2013-01-05 15:07 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Dropbox
2013-08-05 10:55 - 2013-03-13 00:23 - 00000000 ____D C:\Users\Tobias\AppData\Local\TSVNCache
2013-08-05 10:55 - 2013-02-18 21:06 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-05 10:55 - 2013-01-05 15:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-05 10:55 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-05 05:47 - 2013-07-29 17:43 - 00003823 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-05 05:47 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-08-05 03:13 - 2013-01-05 13:50 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2333296273-3257369993-2269393847-1001
2013-08-05 03:12 - 2013-01-10 18:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-05 03:05 - 2013-01-06 07:15 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\vlc
2013-08-05 00:50 - 2013-08-05 00:49 - 00000000 ____D C:\Windows\system32\MRT
2013-08-05 00:39 - 2013-08-05 00:39 - 00423280 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 00:39 - 2013-08-05 00:39 - 00003596 _____ C:\Windows\PFRO.log
2013-08-05 00:39 - 2013-01-05 17:58 - 00000000 ____D C:\Program Files\Lenovo
2013-08-05 00:13 - 2013-07-03 23:21 - 00000000 ____D C:\Program Files (x86)\Clover
2013-08-05 00:13 - 2013-07-03 21:36 - 00000000 ____D C:\Program Files\Listary
2013-08-04 23:37 - 2013-03-18 14:27 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\FileZilla
2013-08-04 22:59 - 2013-01-05 17:17 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Winamp
2013-08-04 22:48 - 2013-01-08 07:12 - 00009216 ___SH C:\Users\Tobias\Thumbs.db
2013-08-04 22:44 - 2013-01-07 14:35 - 00796160 ___SH C:\Users\Tobias\Desktop\Thumbs.db
2013-08-04 22:38 - 2013-05-30 02:16 - 00000000 ____D C:\Users\Tobias\AppData\Local\LogMeIn Hamachi
2013-08-04 22:26 - 2013-08-04 22:26 - 00377856 _____ C:\Users\Tobias\Downloads\gcnqydz1.exe
2013-08-04 22:11 - 2013-08-04 22:11 - 00055457 _____ C:\Users\Tobias\Desktop\FRST.txt
2013-08-04 22:11 - 2013-08-04 22:10 - 00042878 _____ C:\Users\Tobias\Desktop\Addition.txt
2013-08-04 22:09 - 2013-08-04 22:09 - 00000000 ____D C:\FRST
2013-08-04 22:08 - 2013-08-04 22:08 - 01781485 _____ (Farbar) C:\Users\Tobias\Downloads\FRST64.exe
2013-08-04 22:07 - 2013-08-04 22:07 - 00000544 _____ C:\Users\Tobias\Desktop\defogger_disable.log
2013-08-04 22:07 - 2013-08-04 22:07 - 00000168 _____ C:\Users\Tobias\defogger_reenable
2013-08-04 22:07 - 2013-01-05 13:42 - 00000000 ____D C:\Users\Tobias
2013-08-04 22:05 - 2013-08-04 22:05 - 00050477 _____ C:\Users\Tobias\Downloads\Defogger.exe
2013-08-04 22:02 - 2013-08-04 22:02 - 00041602 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130804_220232.reg
2013-08-04 21:52 - 2013-08-04 22:01 - 00000956 _____ C:\Users\Tobias\Desktop\AdwCleaner[R2].txt
2013-08-04 21:52 - 2013-08-04 21:52 - 00000956 _____ C:\AdwCleaner[R2].txt
2013-08-04 21:44 - 2013-08-04 22:01 - 00008226 _____ C:\Users\Tobias\Desktop\AdwCleaner[S1].txt
2013-08-04 21:44 - 2013-08-04 22:01 - 00008173 _____ C:\Users\Tobias\Desktop\AdwCleaner[R1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008226 _____ C:\AdwCleaner[S1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00008173 _____ C:\AdwCleaner[R1].txt
2013-08-04 21:44 - 2013-08-04 21:44 - 00000098 _____ C:\Windows\DeleteOnReboot.bat
2013-08-04 21:42 - 2013-08-04 21:42 - 00666633 _____ C:\Users\Tobias\Downloads\adwcleaner.exe
2013-08-04 21:34 - 2013-01-10 18:31 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-04 21:34 - 2013-01-05 18:03 - 00000000 ____D C:\Users\Tobias\AppData\Local\Adobe
2013-08-03 20:19 - 2013-08-03 19:59 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Audacity
2013-08-03 20:13 - 2013-08-03 20:13 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-03 19:57 - 2013-08-03 19:57 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-03 19:56 - 2013-08-03 19:56 - 00000000 ____D F:\Eigene Dateien\Eigene Dokumente\eRightSoft
2013-08-03 19:55 - 2013-08-03 19:55 - 00001112 _____ C:\Users\Public\Desktop\SUPER ©.lnk
2013-08-03 19:55 - 2013-08-03 19:55 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-08-03 18:51 - 2013-08-03 18:51 - 00001011 _____ C:\Users\Tobias\Desktop\Audacity.lnk
2013-08-03 18:51 - 2013-08-03 18:51 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-03 18:48 - 2013-07-03 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-03 17:52 - 2013-08-03 17:51 - 10567577 _____ C:\Users\Tobias\Desktop\Despicable Me 2 _ Minions Banana Song (2013) SNSD TTS - YouTube [1080p].mp4
2013-08-03 14:36 - 2013-07-29 17:32 - 00000030 _____ C:\Users\Tobias\Desktop\Neues Textdokument.txt
2013-08-03 13:18 - 2013-08-03 13:18 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-08-03 13:18 - 2013-02-01 22:26 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\LSC
2013-08-03 13:18 - 2013-01-05 18:19 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-08-03 13:17 - 2013-01-05 17:49 - 00000000 ____D C:\Windows\Downloaded Installations
2013-08-01 22:31 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-31 18:54 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-31 14:00 - 2013-01-18 14:21 - 00000000 ____D C:\Users\Tobias\AppData\Local\Deployment
2013-07-30 16:05 - 2013-07-30 16:05 - 00020001 _____ F:\Eigene Dateien\Eigene Dokumente\playlist.m3u
2013-07-29 16:09 - 2013-07-29 16:09 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\ProgramData\Avira
2013-07-29 16:03 - 2013-07-29 16:03 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-29 16:01 - 2013-01-06 22:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-28 21:31 - 2013-04-21 05:30 - 00000000 ____D C:\Users\Tobias\UMLet
2013-07-27 16:17 - 2013-01-06 22:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-26 15:02 - 2013-01-05 15:45 - 00000000 ____D C:\Users\Tobias\AppData\Local\Microsoft Help
2013-07-25 13:35 - 2013-07-25 13:35 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\postgresql
2013-07-25 13:28 - 2013-07-25 13:28 - 00000000 ____D C:\Program Files (x86)\OpenNMS
2013-07-25 13:25 - 2013-07-25 13:25 - 00000000 ____D C:\Users\Tobias\Downloads\standalone-opennms-installer-1.10.11-1
2013-07-25 13:13 - 2013-07-25 13:13 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131327
2013-07-25 13:13 - 2013-07-25 13:12 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131303
2013-07-25 13:12 - 2013-07-25 13:12 - 14549528 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgbouncer.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 12931216 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgagent.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 07741664 _____ (EnterpriseDB) C:\Users\Tobias\edb_psqlodbc.exe-20130725131254
2013-07-25 13:12 - 2013-07-25 13:12 - 07612832 _____ (EnterpriseDB) C:\Users\Tobias\edb_npgsql.exe
2013-07-25 13:12 - 2013-07-25 13:12 - 06976584 _____ (EnterpriseDB) C:\Users\Tobias\edb_pgjdbc.exe
2013-07-25 13:07 - 2013-07-25 13:07 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-24 10:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-07-23 22:12 - 2013-01-06 21:04 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\TS3Client
2013-07-23 00:06 - 2013-01-27 23:34 - 00000000 ____D C:\Users\Tobias\.gimp-2.8
2013-07-22 23:56 - 2013-07-22 23:56 - 00006936 _____ C:\Users\Tobias\AppData\Local\recently-used.xbel
2013-07-20 01:58 - 2013-07-20 01:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-20 01:58 - 2013-07-20 01:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-20 01:58 - 2013-07-20 01:58 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-20 01:58 - 2013-01-10 19:05 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-20 01:58 - 2013-01-10 19:05 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-19 00:14 - 2013-07-19 00:13 - 00064764 _____ F:\Eigene Dateien\Eigene Dokumente\cc_20130719_001357.reg
2013-07-18 17:34 - 2013-07-18 17:30 - 00000000 ____D C:\Users\Tobias\Desktop\db
2013-07-18 17:30 - 2013-01-06 22:06 - 00000744 _____ C:\Users\Tobias\.Xauthority
2013-07-18 17:30 - 2013-01-06 22:05 - 00000000 ____D C:\Users\Tobias\.nx
2013-07-18 08:02 - 2013-07-29 16:03 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-07-29 16:03 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-18 08:02 - 2013-07-29 16:03 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-17 15:26 - 2013-07-17 15:26 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-17 15:26 - 2013-07-17 15:26 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-17 15:26 - 2013-03-12 04:01 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-17 15:26 - 2013-03-12 04:01 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-17 15:26 - 2013-03-12 04:01 - 00000000 ____D C:\Program Files\Java
2013-07-14 17:35 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 04:26 - 2013-02-18 21:06 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 04:26 - 2013-02-18 21:06 - 00003874 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 21:16 - 2013-07-12 21:16 - 00000000 ____D C:\Users\Tobias\Downloads\easy_youtube_video_downloader-6.8-fx.xpi
2013-07-12 20:40 - 2013-07-12 20:37 - 00479744 _____ C:\Users\Tobias\Desktop\Ressrechner.xls
2013-07-12 18:08 - 2013-01-05 18:02 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\Lenovo
2013-07-12 18:08 - 2013-01-05 17:58 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-07-12 18:07 - 2013-01-05 18:01 - 00000006 _____ C:\Windows\systemtype.txt
2013-07-12 18:07 - 2013-01-05 18:01 - 00000000 ____D C:\Users\Tobias\AppData\Local\Downloaded Installations
2013-07-11 13:15 - 2013-01-05 18:45 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2013-07-11 13:11 - 2013-03-13 19:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-11 13:11 - 2013-03-13 19:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 01:59 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 21:15 - 2013-03-12 04:04 - 00000000 ____D C:\Users\Tobias\AppData\Local\Eclipse
2013-07-10 18:39 - 2013-02-01 22:28 - 00000000 ____D C:\ldiag
2013-07-10 01:08 - 2013-01-05 15:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 23:49 - 2013-07-09 21:18 - 00000000 ____D C:\Users\Tobias\.VirtualBox
2013-07-09 21:26 - 2013-04-12 14:36 - 00000000 ____D C:\ProgramData\VMware
2013-07-09 21:25 - 2013-04-12 14:37 - 00000000 ____D C:\Users\Tobias\AppData\Roaming\VMware
2013-07-09 21:18 - 2013-07-09 21:18 - 00000000 ____D C:\Users\Tobias\VirtualBox VMs
2013-07-09 21:15 - 2013-04-12 14:37 - 00000000 ____D C:\Users\Tobias\AppData\Local\VMware
2013-07-09 21:14 - 2013-07-09 21:14 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2013-07-09 21:14 - 2013-07-09 21:14 - 00000000 ____D C:\Program Files\Oracle
2013-07-09 20:58 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-07-09 20:32 - 2013-07-09 20:32 - 00000000 ____D C:\Users\Tobias\Downloads\mee
2013-07-09 17:23 - 2013-01-12 12:56 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-07-08 21:34 - 2013-01-05 13:42 - 00000000 ____D C:\Users\Tobias\AppData\Local\VirtualStore
2013-07-07 04:03 - 2013-01-06 21:04 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-07-07 02:49 - 2013-04-10 21:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-07 02:49 - 2013-01-05 16:57 - 00000000 ____D C:\ProgramData\Skype

Files to move or delete:
====================
C:\Users\Tobias\edb_npgsql.exe
C:\Users\Tobias\edb_pgagent.exe
C:\Users\Tobias\edb_pgbouncer.exe
C:\Users\Tobias\edb_pgjdbc.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-01 03:47

==================== End Of Log ============================

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-08-2013
Ran by Tobias at 2013-08-05 13:10:02
Running from C:\Users\Tobias\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
8GadgetPack (x32 Version: 4.1.0)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Adolix Split and Merge PDF v2.1 (x32)
Akamai NetSession Interface (HKCU)
Audacity 2.0.3 (x32 Version: 2.0.3)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.02040)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.02040)
Classic Shell (Version: 3.6.8)
CodeBlocks (HKCU Version: 12.11)
Company of Heroes (New Steam Version) (x32)
Company of Heroes: Opposing Fronts (x32)
Counter-Strike (x32)
Counter-Strike: Global Offensive (x32)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Darksiders (x32)
DarksidersInstaller (x32 Version: 1.00.1000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dexpot (HKCU Version: 1.6.5)
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16)
Dropbox (HKCU Version: 2.0.22)
eaner (Version: 4.01)
FileZilla Client 3.2.7.1 (HKCU Version: 3.2.7.1)
GIMP 2.8.2 (Version: 2.8.2)
Google Drive (x32 Version: 1.10.4769.632)
Google Update Helper (x32 Version: 1.3.21.153)
Half-Life 2 (x32)
Hdd Speed Test Tool v. 1.0.14 (RC 1) (x32)
Help Center (x32 Version: 2.00n)
Heroes of Newerth (x32 Version: 2.3.0)
Hitman: Absolution (x32)
Homefront (x32)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2813041) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2529927) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2548139) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2549864) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2635973) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2736182) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2813041) (x32 Version: 1)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
ImgBurn (x32 Version: 2.5.7.0)
Inkscape 0.48.4 (x32 Version: 0.48.4)
Integrated Camera Driver Installer Package Ver.1.0.0.19 (x32 Version: 1.0.0.19)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Network Connections Drivers (Version: 18.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.7.0503)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) WiDi (Version: 3.5.34.0)
Intel® PROSet/Wireless WiFi-Software (Version: 15.05.7000.1763)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java SE Development Kit 7 Update 17 (64-bit) (Version: 1.7.0.170)
LAME v3.99.3 (for Windows) (x32)
Lenovo Auto Scroll Utility (Version: 2.00)
Lenovo Patch Utility (x32 Version: 1.3.2.6)
Lenovo Patch Utility 64 bit (Version: 1.3.2.6)
Lenovo Power Management Driver (Version: 1.66.00.22)
Lenovo QuickLaunch (x32 Version: 1.2.0010)
Lenovo Settings - Camera Audio (Version: 4.0.96.0)
Lenovo Settings Dependency Package (Version: 1.1.1.10)
Lenovo Settings Mobile Hotspot (Version: 1.1.0.57)
Lenovo Solution Center (Version: 2.1.003.00)
Lenovo System Update (x32 Version: 5.02.0018)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219)
Microsoft Office 2010 Primary Interop Assemblies (x32 Version: 14.0.4763.1024)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight 3 SDK - Deutsch (x32 Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK - Deutsch (x32 Version: 4.0.50826.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (x32 Version: 10.50.1752.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 de (x32 Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (x32 Version: 10.0.30319)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727)
Microsoft Visual J# 2.0 Redistributable Package (x32)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31010)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.31007)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729)
Microsoft Visual Studio ProjectAggregator2 (x32 Version: 1.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
MiKTeX 2.9 (Version: 2.9)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MyFreeCodec (HKCU)
Nalpeiron License Management (x32 Version: 6.3.9.1)
Notepad++ (x32 Version: 6.3.2)
NVIDIA 3D Vision Treiber 311.00 (Version: 311.00)
NVIDIA Grafiktreiber 311.00 (Version: 311.00)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.09.1112)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1100)
NVIDIA Systemsteuerung 311.00 (Version: 311.00)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
NX Client for Windows 3.5.0-9 (x32 Version: 3.5.0-9)
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16)
PDF-Viewer (Version: 2.5.207.0)
Python 2.7.5 (x32 Version: 2.7.5150)
Raptr (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710)
RICOH_Media_Driver_v2.24.18.01 (x32 Version: 2.24.18.01)
Samsung Kies (x32 Version: 2.5.1.12123_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Secure Download Manager (x32 Version: 3.1.0)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (Version: 10.1.2531.0)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (x32 Version: 1.0.0)
Sicherheitsupdate für Microsoft Visual Studio 2010 Ultimate - DEU (KB2645410) (x32 Version: 1)
Skype™ 6.6 (x32 Version: 6.6.106)
SpeedSim (x32 Version: 0.9.8.1b)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Steam (x32 Version: 1.0.0.0)
SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (x32 Version: v2013.build.57+Recorder)
swMSM (x32 Version: 12.0.0.1)
Team Fortress 2 (x32)
TeamSpeak 3 Client (x32 Version: 3.0.10.1)
TeamViewer 8 (x32 Version: 8.0.19617)
TeXstudio 2.3 (x32 Version: 2.3.0)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.5200)
ThinkPad UltraNav Driver (Version: 16.2.19.7)
ThinkVantage Fingerprint Software (Version: 5.9.9.7282)
ThinkVantage Password Manager (x32 Version: 4.10.20.0)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.77.0.11)
Titan Quest (x32)
TortoiseSVN 1.7.11.23600 (64 bit) (Version: 1.7.23600)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0)
VLC media player 2.0.6 (Version: 2.0.6)
Warframe (x32)
Warhammer 40,000 Space Marine (x32)
WCF RIA Services V1.0 SP1 (x32 Version: 4.1.60114.0)
Web Deployment Tool (Version: 1.1.0618)
Winamp (x32 Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)

==================== Restore Points  =========================

19-07-2013 23:57:44 Installed Java 7 Update 25
28-07-2013 23:44:28 Geplanter Prüfpunkt
03-08-2013 11:18:01 Installed Lenovo Solution Center.
04-08-2013 19:15:55 Removed System Requirements Lab CYRI

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09BECB00-D87C-4B1C-9641-32E9E2E7A606} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {0AEBF994-7B6C-45A4-AB2B-5113E815EB81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-04] (Adobe Systems Incorporated)
Task: {0FDFC812-F2D4-49B4-9851-B2C353FC51D5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {11A1117D-8851-418E-91DE-09F5F6A565DC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {13022200-86B4-4637-9578-4E1759AB6CF9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe No File
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {156A4253-A1DD-401F-A586-D16E95B2F75E} - System32\Tasks\Lenovo\Lenovo-14716 => C:\ProgramData\Lenovo-14716.vbs [2013-01-06] ()
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {283C7CEF-15F6-460D-A4B7-36568778C890} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2333296273-3257369993-2269393847-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {34FBF41F-D77F-42C6-860F-4974F8E5BCB1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AB30080-60A1-4629-9828-3553D2738253} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3CD68369-EF40-415F-AFAD-F8D7B11371CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {41127BFC-D610-466D-883E-CA21C4AEDC16} - System32\Tasks\Lenovo\Lenovo-21673 => C:\ProgramData\Lenovo-21673.vbs [2013-01-05] ()
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {467FF867-4C09-499C-8F91-EEB06E5FB121} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4A4829B2-65CF-439A-9298-304BE12CCC26} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4CBBFF35-5009-4E8E-9EC7-28C7E82766C6} - System32\Tasks\Lenovo\Lenovo-2931 => C:\ProgramData\Lenovo-2931.vbs [2013-02-02] ()
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7EC445AC-FF04-4F80-B296-A37D6548FF82} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {8353DFEC-E42D-4CC8-A01E-52FD0F7193EA} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8BE251E3-BEF9-4E59-A185-93167EF0AAC5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2333296273-3257369993-2269393847-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {9848B566-0A09-4503-83EA-4C401301E5C9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9DBE223D-8682-49F5-B130-F9E7F4C46377} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {A28F7384-5885-4E54-80A4-DE24BA173A6F} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B09AD285-749B-4E4A-8FFF-770025228394} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C6FBA914-71C5-44B6-AC78-2FACF5671677} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {CAB13F1E-C5F2-4C1D-AAA6-4444ED9CDD06} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {CBBCFF45-3EAA-4CE3-84B2-B3E261B25D91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D4EB2587-3862-42AC-BDE0-7C98B6161503} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DE2D7E0F-5B1F-46A3-89B3-96D99A9D1133} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2333296273-3257369993-2269393847-1001
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E09734A3-D808-4A96-A702-C672E297072E} - System32\Tasks\Lenovo\Lenovo-14654 => C:\ProgramData\Lenovo-14654.vbs [2013-01-06] ()
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E653890E-11B2-413D-B237-9663F317E644} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-26] ()
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN-Miniport (Netzwerkmonitor) #2
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/05/2013 03:25:44 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (08/05/2013 00:02:09 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: nview64.dll, Version: 6.14.10.13653, Zeitstempel: 0x503f0bea
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000740b
ID des fehlerhaften Prozesses: 0x758
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (08/04/2013 10:59:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ImgBurn.exe, Version: 2.5.7.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: nvinit.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x50ef1ca7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74eece59
ID des fehlerhaften Prozesses: 0xad8
Startzeit der fehlerhaften Anwendung: 0xImgBurn.exe0
Pfad der fehlerhaften Anwendung: ImgBurn.exe1
Pfad des fehlerhaften Moduls: ImgBurn.exe2
Berichtskennung: ImgBurn.exe3
Vollständiger Name des fehlerhaften Pakets: ImgBurn.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ImgBurn.exe5

Error: (08/04/2013 10:59:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ImgBurn.exe, Version: 2.5.7.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00053cd7
ID des fehlerhaften Prozesses: 0xad8
Startzeit der fehlerhaften Anwendung: 0xImgBurn.exe0
Pfad der fehlerhaften Anwendung: ImgBurn.exe1
Pfad des fehlerhaften Moduls: ImgBurn.exe2
Berichtskennung: ImgBurn.exe3
Vollständiger Name des fehlerhaften Pakets: ImgBurn.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ImgBurn.exe5

Error: (08/04/2013 10:51:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gcnqydz1.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gcnqydz1.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0007e1f4
ID des fehlerhaften Prozesses: 0xc98
Startzeit der fehlerhaften Anwendung: 0xgcnqydz1.exe0
Pfad der fehlerhaften Anwendung: gcnqydz1.exe1
Pfad des fehlerhaften Moduls: gcnqydz1.exe2
Berichtskennung: gcnqydz1.exe3
Vollständiger Name des fehlerhaften Pakets: gcnqydz1.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: gcnqydz1.exe5

Error: (08/04/2013 10:47:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gcnqydz1.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gcnqydz1.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00087ea6
ID des fehlerhaften Prozesses: 0x1d00
Startzeit der fehlerhaften Anwendung: 0xgcnqydz1.exe0
Pfad der fehlerhaften Anwendung: gcnqydz1.exe1
Pfad des fehlerhaften Moduls: gcnqydz1.exe2
Berichtskennung: gcnqydz1.exe3
Vollständiger Name des fehlerhaften Pakets: gcnqydz1.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: gcnqydz1.exe5

Error: (08/04/2013 10:39:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.1100, Zeitstempel: 0x50ef28f0
Name des fehlerhaften Moduls: nvtray.exe, Version: 7.17.13.1100, Zeitstempel: 0x50ef28f0
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000155149
ID des fehlerhaften Prozesses: 0x11b4
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3
Vollständiger Name des fehlerhaften Pakets: nvtray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvtray.exe5

Error: (08/04/2013 03:51:21 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (08/03/2013 07:54:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 1.1.3.8, Zeitstempel: 0x51fa0117
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1519.190, Zeitstempel: 0x51f24af7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00178d49
ID des fehlerhaften Prozesses: 0x27f4
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3
Vollständiger Name des fehlerhaften Pakets: Updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Updater.exe5

Error: (08/03/2013 07:54:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 1.1.3.8, Zeitstempel: 0x51fa0117
Name des fehlerhaften Moduls: browse~1.dll, Version: 2.6.1519.190, Zeitstempel: 0x51f24af7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00178d49
ID des fehlerhaften Prozesses: 0x27f4
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3
Vollständiger Name des fehlerhaften Pakets: Updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Updater.exe5


System errors:
=============
Error: (08/05/2013 10:57:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist von folgendem Dienst abhängig: WSearch. Dieser Dienst ist möglicherweise nicht installiert.

Error: (08/05/2013 10:57:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/05/2013 10:57:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/05/2013 10:55:32 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/05/2013 10:55:32 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/05/2013 10:55:30 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/05/2013 10:55:30 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/05/2013 05:36:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist von folgendem Dienst abhängig: WSearch. Dieser Dienst ist möglicherweise nicht installiert.

Error: (08/05/2013 05:36:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/05/2013 05:36:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (08/05/2013 03:25:44 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (08/05/2013 00:02:09 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434nview64.dll6.14.10.13653503f0beac0000005000000000000740b75801ce914b69a9919cC:\Windows\Explorer.EXEC:\Program Files\NVIDIA Corporation\nview\nview64.dll81da570a-fd51-11e2-bf20-247703d02304

Error: (08/04/2013 10:59:04 PM) (Source: Application Error)(User: )
Description: ImgBurn.exe2.5.7.000000000nvinit.dll_unloaded0.0.0.050ef1ca7c000000574eece59ad801ce9155720dfcc3C:\Program Files (x86)\ImgBurn\ImgBurn.exenvinit.dllb18df70f-fd48-11e2-bf20-247703d02304

Error: (08/04/2013 10:59:01 PM) (Source: Application Error)(User: )
Description: ImgBurn.exe2.5.7.000000000ntdll.dll6.2.9200.16578515fac6ec000000500053cd7ad801ce9155720dfcc3C:\Program Files (x86)\ImgBurn\ImgBurn.exeC:\Windows\SYSTEM32\ntdll.dllafcd9bbd-fd48-11e2-bf20-247703d02304

Error: (08/04/2013 10:51:35 PM) (Source: Application Error)(User: )
Description: gcnqydz1.exe2.1.19163.0515d31f0gcnqydz1.exe2.1.19163.0515d31f0c00004090007e1f4c9801ce9153f08d3792C:\Users\Tobias\Downloads\gcnqydz1.exeC:\Users\Tobias\Downloads\gcnqydz1.exea6204b22-fd47-11e2-bf20-247703d02304

Error: (08/04/2013 10:47:54 PM) (Source: Application Error)(User: )
Description: gcnqydz1.exe2.1.19163.0515d31f0gcnqydz1.exe2.1.19163.0515d31f0c000000500087ea61d0001ce9152836a1887C:\Users\Tobias\Downloads\gcnqydz1.exeC:\Users\Tobias\Downloads\gcnqydz1.exe2292a4cf-fd47-11e2-bf20-247703d02304

Error: (08/04/2013 10:39:05 PM) (Source: Application Error)(User: )
Description: nvtray.exe7.17.13.110050ef28f0nvtray.exe7.17.13.110050ef28f040000015000000000015514911b401ce914b7a7a6cd5C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exee726b7d5-fd45-11e2-bf20-247703d02304

Error: (08/04/2013 03:51:21 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (08/03/2013 07:54:54 PM) (Source: Application Error)(User: )
Description: Updater.exe1.1.3.851fa0117browse~1.dll2.6.1519.19051f24af7c000000500178d4927f401ce90728dbbfd33C:\Users\Tobias\AppData\Local\SwvUpdater\Updater.exec:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dllcd15f52b-fc65-11e2-bf1d-247703d02304

Error: (08/03/2013 07:54:53 PM) (Source: Application Error)(User: )
Description: Updater.exe1.1.3.851fa0117browse~1.dll2.6.1519.19051f24af7c000000500178d4927f401ce90728dbbfd33C:\Users\Tobias\AppData\Local\SwvUpdater\Updater.exec:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dllcc2774cf-fc65-11e2-bf1d-247703d02304


CodeIntegrity Errors:
===================================
  Date: 2013-08-05 10:56:11.873
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-05 05:34:45.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-05 00:40:09.126
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 21:48:47.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 18:37:20.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-04 15:39:35.490
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:17.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:17.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:16.299
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-03 19:59:16.232
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 7889.63 MB
Available physical RAM: 5628.17 MB
Total Pagefile: 9105.63 MB
Available Pagefile: 6601.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:44.2 GB) NTFS (Disk=1 Partition=1)
Drive f: (Daten) (Fixed) (Total:433.3 GB) (Free:186.63 GB) NTFS (Disk=0 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 17F78249)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=433 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 17F78251)
Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 05.08.2013, 13:43

Lesestoff:
Warum wir Avira nicht mehr empfehlen
Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird von uns auf diesem Board als "schädlich" eingestuft. Mehr Informationen.

Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen.

Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

night507 · 07.08.2013, 16:07

Hallo, ich werd mich drum kümmern. allerdings hab ich erst ab freitag dafür zeit. bin gerade in berlin im urlaub ^^

schrauber · 07.08.2013, 20:26

ok

07.08.2013, 20:26	#6
schrauber /// the machine /// TB-Ausbilder	Windows 8: webcake + antivir Berechtigung fehlt ok __________________ --> Windows 8: webcake + antivir Berechtigung fehlt

Windows 8: webcake + antivir Berechtigung fehlt

Log-Analyse und Auswertung: Windows 8: webcake + antivir Berechtigung fehlt